IN THE CLAIMS : 

Please amend claims 1 3 4 3 5 5 18, 42, 54, 55, 59, 63, 64; 
cancel claim 65 without prejudice and disclaimer; and 
add new claims 66-68 as follows. 

1 . (Currently Amended) A method, comprising: 

generating validity information for a packet, wherein the validity information 
comprises all necessary information required to perform a validity check of the packet, 
the validity information comprising algorithm information to be used to perform the 
validity check of the packe t and no pre-established security association is needed to 
verify the packet : 

generating a packet header, comprising the validity information; and 
sending the packet including the header from a first network node to a second 
network node. 

2. (Previously Presented) The method according to claim 1, wherein the 
generating of the validity information comprises generating security information 
indicating security services applied to the packet. 

3. (Cancelled) 
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4. (Currently Amended) The method according to claim-tM , wherein the 
generating of the algorithm information comprises generating the algorithm information 
which indicates an algorithm to be used to perform the validity check of the packet. 

5. (Currently Amended) The method according to claim-41, wherein generating 
of the algorithm information comprises generating the algorithm information which 
comprises values to initialize an algorithm to be used to perform the validity check of the 
packet. 

6. (Previously Presented) The method according to claim 1, wherein the 
generating of the validity information comprises generating public key information of a 
sending node. 

7. (Previously Presented) The method according to claim 6, wherein the 
generating of the public key information comprises generating reference information 
related to how a public key can be obtained. 

8. (Previously Presented) The method according to claim 7, wherein the 
generating of the reference information comprises generating an identity of an entity from 
which the public key can be obtained. 



U.S. Patent Application No. 10/721,504 
Page 3 of 24 



9. (Previously Presented) The method according to claim 7, wherein the 
generating of the reference information comprises generating a public key identifier for 
the public key. 

10. (Previously Presented) The method according to claim 6, wherein the 
generating of the public key information comprises generating the public key. 

11. (Previously Presented) The method according to claim 6, wherein the 
generating of the public key information comprises generating public key verification 
information indicating information in order to verify that the public key actually belongs 
to the sending node. 

12. (Previously Presented) The method according to claim 1 5 wherein the 
generating of the validity information comprises generating an information item to 
prevent replay attacks. 

13. (Previously Presented) The method according to claim 12, wherein the 
generating of the information item comprises including in the information item an 
indication of a procedure to be used for anti replay attacks. 
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14. (Previously Presented) The method according to claim 12, wherein the 
generating of the information item comprises including in the information item a time 
stamp. 

15. (Previously Presented) The method according to claim 6, further comprising: 
signing the packet using a private key corresponding to a public key indicated by 

the validity information in the packet header in a sending network node. 

16-17. (Cancelled) 

18. (Currently Amended) An apparatus, comprising: 

validity information generating means for generating validity information for a 
packet; 

packet header generating means for generating a header for the packet, comprising 
the validity information; and 

sending means for sending the packet including the header to a receiving network 

node, 

wherein the validity information comprises all necessary information required for 
performing a validity check of the packe t and no pre-established security association is 
needed to verify the packet and the validity information comprises algorithm information 
to be used to perform the validity check of the packet. 
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19-41. (Cancelled) 

42. (Currently Amended) An apparatus, comprising: 

a validity information generator configured to generate validity information for a 
packet; 

a packet header generator configured to generate a header for the packet, 
comprising the validity information; and 

a transmitter configured to send the packet including the header to a receiving 
network node, 

wherein the validity information comprises all necessary information required to 
perform a validity check of the packe t and no pre-established security association is 
needed to verify the packet , and the validity information comprises algorithm information 
to be used to perform the validity check of the packet. 

43. (Previously Presented) The apparatus according to claim 42, wherein the 
validity information comprises security information indicating security services applied 
to the packet. 
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44. (Previously Presented) The apparatus according to claim 42, wherein the 
validity information comprises algorithm information indicating an algorithm to be used 
to perform the validity check of the packet. 

45. (Previously Presented) The apparatus according to claim 42, wherein the 
validity information comprises public key information of a sending node. 

46. (Previously Presented) The apparatus according to claim 45, wherein the 
public key information comprises reference information related to how a public key can 
be obtained. 

47. (Previously Presented) The apparatus according to claim 46, wherein the 
reference information comprises an identity of an entity from which the public key can be 
obtained. 

48. (Previously Presented) The apparatus according to claim 46, wherein the 
reference information comprises a public key identifier for the public key. 

49. (Previously Presented) The apparatus according to claim 45, wherein the 
public key information comprises a public key. 
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50. (Previously Presented) The apparatus according to claim 45, wherein the 
public key information comprises public key verification information indicating 
information in order to verify that the public key actually belongs to the sending node. 

51. (Previously Presented) The apparatus according to claim 42, wherein the 
validity information comprises an information item to prevent replay attacks. 

52. (Previously Presented) The apparatus according to claim 51, wherein the 
information item to prevent replay attacks contains an indication of a procedure to be 
used for anti-replay attacks. 

53. (Previously Presented) The apparatus according to claim 51, wherein the 
information item to prevent replay attacks contains a time stamp. 

54. (Currently Amended) The apparatus according to claim-^ 42, further 
comprising: 

a signor configured to sign the packet using a private key corresponding to a 
public key indicated by the validity information in the packet header in the sending 
network node. 

55. (Currently Amended) An apparatus, comprising: 
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a receiver configured to receive packets from a sending network node; and 
a checker configured to perform a validity check of a packet by referring to 

validity information contained in a header of the packet, 

wherein the validity information comprises all necessary information required to 

perform the validity check of the packe t and no pre-established security association is 

needed to verify the packet , and the validity information comprises algorithm information 

to be used to perform the validity check of the packet. 

56. (Previously Presented) The apparatus according to claim 55, wherein the 
validity information comprises security information indicating security services applied 
to the packet. 

57. (Previously Presented) The apparatus according to claim 55, wherein the 
validity information comprises algorithm information indicating an algorithm to be used 
to perform the validity check of the packet. 

58. (Previously Presented) The apparatus according to claim 55, wherein the 
validity information comprises public key information of a sending node. 

59. (Currently Amended) An apparatus, comprising: 
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a transmitter configured to forward packets from a sending network node to a 
receiving network node; and 

a checker configured to perform a validity check of a packet by referring to 
validity information contained in a header of the packet, 

wherein the validity information comprises all necessary information required to 
perform a validity check of the packe t and no pre-established security association is 
needed to verify the packet , and the validity information comprises algorithm information 
to be used to perform the validity check of the packet. 

60. (Previously Presented) The apparatus according to claim 59, wherein the 
validity information comprises security information indicating security services applied 
to the packet. 

61. (Previously Presented) The apparatus according to claim 59, wherein the 
validity information comprises algorithm information indicating an algorithm to be used 
to perform the validity check of the packet. 

62. (Previously Presented) The apparatus according to claim 59, wherein the 
validity information comprises public key information of a sending node. 

63. (Currently Amended) A methods comprising: 
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receiving packets; and 

performing a validity check of a packet by referring to validity information 
contained in a header of the packet, 

wherein the validity information comprises all necessary information required for 
performing the validity check of the packe t and no pre-established security association is 
needed to verify the packet , the validity information comprising algorithm information to 
be used for performing the validity check of the packet. 

64. (Currently Amended) A methods comprising: 
forwarding received packets; and 

performing means for performing a validity check of a packet by referring to 
validity information contained in a header of the packet, 

wherein the validity information comprises all necessary information required for 
performing a validity check of the packe t and no pre-established security association is 
needed to verify the packet , the validity information comprising algorithm information to 
be used for performing the validity check of the packet. 

65. (Cancelled) 

66. (New) A computer program configured to operate on a computer readable 
medium, that when executed controls a processor to perform: 
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generating validity information for a packet, wherein the validity information 
comprises all necessary information required to perform a validity check of the packet 
and no pre-established security association is needed to verify the packet, the validity 
information comprising algorithm information to be used to perform the validity check of 
the packet; 

generating a packet header, comprising the validity information; and 
sending the packet including the header from a first network node to a second 
network node. 

67. (New) A computer program configured to operate on a computer readable 
medium, that when executed controls a processor to perform: 

receiving packets; and 

performing a validity check of a packet by referring to validity information 
contained in a header of the packet, 

wherein the validity information comprises all necessary information required for 
performing the validity check of the packet and no pre-established security association is 
needed to verify the packet, the validity information comprising algorithm information to 
be used for performing the validity check of the packet. 

68. (New) A computer program configured to operate on a computer readable 
medium, that when executed controls a processor to perform: 



U.S. Patent Application No. 10/721,504 
Page 12 of 24 



forwarding received packets; and 

performing means for performing a validity check of a packet by referring to 
validity information contained in a header of the packet, 

wherein the validity information comprises all necessary information required for 
performing a validity check of the packet and no pre-established security association is 
needed to verify the packet, the validity information comprising algorithm information to 
be used for performing the validity check of the packet. 
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